Banking trojan Dridex uses macros for infection
Banking trojan Dridex uses macros for infection | |
---|---|
Botnet | Dridex, Cridex |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2014 / 2014-11-05 |
Editor/Conference | Trend Micro |
Link | http://blog.trendmicro.com/trendlabs-security-intelligence/banking-trojan-dridex-uses-macros-for-infection/ (Archive copy) |
Author | Rhena Inocencio |
Type |
Abstract
“The appearance of DRIDEX comes a couple of years after CRIDEX’s entry in the threat landscape. Both CRIDEX and DRIDEX steal personal information, specifically related data to online banking. DRIDEX is considered as the successor because it uses a new way to steal information—via HTML injections.
However, there is a major difference between the two. CRIDEX malware is one of the payloads associated with exploit kit spam attacks. DRIDEX, on the other hand, relies on spam to deliver Microsoft Word documents containing malicious macro code. The macro code downloads DRIDEX onto the affected system.”
Bibtex
@misc{2014BFR1413,
  editor = {Trend Micro},
  author = {Rhena Inocencio},
  title = {Banking trojan Dridex uses macros for infection},
  date = {05},
  month = Nov,
  year = {2014},
  howpublished = {\url{http://blog.trendmicro.com/trendlabs-security-intelligence/banking-trojan-dridex-uses-macros-for-infection/}},
}